Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-15 | CVE-2017-6841 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6840 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. | 5.5 |
| 2017-03-15 | CVE-2017-6828 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Audiofile 0.3.6 Heap-based buffer overflow in the readValue function in FileHandle.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted WAV file. | 7.8 |
| 2017-03-15 | CVE-2017-6827 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Audiofile 0.3.6 Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile (aka libaudiofile and Audio File Library) 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file. | 7.8 |
| 2017-03-15 | CVE-2017-6505 | Infinite Loop vulnerability in Qemu The ohci_service_ed_list function in hw/usb/hcd-ohci.c in QEMU (aka Quick Emulator) before 2.9.0 allows local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors, a different vulnerability than CVE-2017-9330. | 6.5 |
| 2017-03-15 | CVE-2017-6440 | Integer Overflow or Wraparound vulnerability in Libplist Project Libplist 1.12 The parse_data_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6439 | Out-of-bounds Write vulnerability in Libplist Project Libplist 1.12 Heap-based buffer overflow in the parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6438 | Out-of-bounds Write vulnerability in Libplist Project Libplist 1.12 Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file. | 7.3 |
| 2017-03-15 | CVE-2017-6437 | Out-of-bounds Read vulnerability in Libplist Project Libplist 1.12 The base64encode function in base64.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds read) via a crafted plist file. | 5.0 |
| 2017-03-15 | CVE-2017-6436 | Improper Input Validation vulnerability in Libplist Project Libplist 1.12 The parse_string_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (memory allocation error) via a crafted plist file. | 5.0 |